Securing Understanding

A client calls our bank and is unhappy about the security questions.

Client: “I should not be giving answers to those questions.”

Me: “Well, those are to help us identify that it is you calling. That is a part of our security policy.”

Client: “But I already told you I am [Name, Surname]. You should know it’s me!”

Losing hope he will understand, I try some bluffing:

Me: “So you want us to remove the security policy on your account?”

Client: “Yes, exactly.”

Me: “Okay, so, please confirm, you are authorizing us to provide all information related to your account, and to do all account-related operations for anybody who calls us and says they are [Name, Surname], am I right?”

Client: “Are you crazy? Of course not. Only me, I am [Name, Surname]!”

Me: “Mister, how are we gonna know who is [Name, Surname], and who is not, if we skip security policy as per your request?”

Client: “…?”

Me: “…?”

I don’t know how, but finally he understood why we have a security policy and why he has to answer all those questions.